Re: [lvs-users] Fallback directive in ldirectord

To:	"LinuxVirtualServer.org users mailing list." <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject:	Re: [lvs-users] Fallback directive in ldirectord - what does it actually do?
From:	Simon Oxwell <s.oxwell@xxxxxxxxxxxxxx>
Date:	Sat, 19 Jul 2008 17:32:46 +0800

Simon Horman wrote:
> On Sat, Jul 19, 2008 at 03:31:53PM +0800, Simon Oxwell wrote:
>> Simon Horman wrote:
>>>> So, what is it that I've got misconfigured? Or is it a case of not 
>>>> understanding what it is that the fallback directive actually does in 
>>>> this case?
>>> Can you try setting apache to listen on 134.115.4.218:80?
>>>
>>> The connections from end-users should have that as their source IP address
>>> and port at the time that they are received by apache.
>>
>> Yep, I can do that, and that works, but I'm not understanding why it 
>> works, particularly as it doesn't seem to matter what port I set in the 
>> in fallback directive - 127.0.0.1:80 works just as well as 127.0.0.1:800.
>>
>> Is it that ipvs passes the packet through the kernel 'normally' (not 
>> quite sure of the correct terminology) when the server-address is 
>> localhost, rather than rewriting/forwarding the packet when it gets 
>> picked up on the INPUT chain?
> 
> Yes, that is likely the case.
> 
> I did hack up some code a while back to give the behaviour that
> you were expecting, but perhaps its not merged. You can easily tell
> by running ipvsadm -Ln. If it says 127.0.0.1:80, then that is what
> it is using, regardless of what you asked for. If that is the case,
> could you let me know which kernel version you have (uname -a) and
> I'll chase down what became of my patch.

I changed the VIP port to port 81, made apache listen on port 81, and 
set the fallback to 127.0.0.1:800

IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
   -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  134.115.4.218:81 lc persistent 600
   -> 10.50.48.11:7778             Masq    0      0          0
   -> 10.50.48.12:7778             Masq    0      0          0
   -> 127.0.0.1:800                Local   1      0          0

And that works, so ipvs isn't remapping the port all (i've got nothing 
listening on port 800) - it's just being a transparent pass-through, 
like for any non-ipvs managed ip:port.

(it's 2.6.18 kernel, specifically the 2.6.18-6-686 debian package)

Thanks for your help.


Simon

-- 
o Simon Oxwell -- Database & Systems Administrator --- IT Services o
| s.oxwell@xxxxxxxxxxxxxx                 Science & Computing 1.37 |
| Phone: +61 8 9360 7335                        Murdoch University |
o-----o  "The lesson here is that dreams inevitably lead to  o-----o
           hideous implosions" - Miss Bitters, 'Invader Zim'

<Prev in Thread]	Current Thread	[Next in Thread>
[lvs-users] Fallback directive in ldirectord - what does it actually do?, Simon Oxwell Re: [lvs-users] Fallback directive in ldirectord - what does it actually do?, Simon Horman Re: [lvs-users] Fallback directive in ldirectord - what does it actually do?, Simon Oxwell Re: [lvs-users] Fallback directive in ldirectord - what does it actually do?, Simon Horman Re: [lvs-users] Fallback directive in ldirectord - what does it actually do?, Simon Oxwell <=

Previous by Date:	Re: [lvs-users] Fallback directive in ldirectord - what does it actually do?, Simon Horman
Next by Date:	[lvs-users] Iptables find invalid packets, Dimitri GOURDON
Previous by Thread:	Re: [lvs-users] Fallback directive in ldirectord - what does it actually do?, Simon Horman
Next by Thread:	[lvs-users] Iptables find invalid packets, Dimitri GOURDON
Indexes:	[Date] [Thread] [Top] [All Lists]

Re: [lvs-users] Fallback directive in ldirectord - what does it actually